House panel probes DHS scans of state election tech

Oversight Committee Chairman Jason Chaffetz wants the Department of Homeland Security’s inspector general to look more deeply into reports of unauthorized scans of Georgia's network firewall.

 

The leader of the House Committee on Oversight and Government Reform wants a fuller accounting from the Department of Homeland Security about complaints of the agency "rattling of doorknobs" on the state of Georgia's network firewall.

Committee Chairman Jason Chaffetz (R-Utah) sent letters on Jan. 11 to DHS Secretary Jeh Johnson and DHS Inspector General John Roth asking about "unauthorized scans" and "unsuccessful attempts to penetrate" the Georgia Secretary of State's  firewall from last February into November's election season.  

The letters to Roth and Johnson were released publicly on Jan. 17.

The correspondence was spurred by Georgia's Secretary of State Brian Kemp's repeated letters to DHS asking the agency to provide more information on what he said were attempts to penetrate his agency’s firewall from "a DHS-registered IP address." He said the attempts dated back to last February.

Kemp has been a vocal opponent of making state election infrastructure federally defended "critical infrastructure" in the wake of the hacking of election databases by Russia.

In the run-up to the November election, DHS was increasingly concerned about those hackers penetrating state-run election systems. Many states were asking DHS for help to block hacking attempts. That help included the agency's network scanning capabilities.

At about the same time, Kemp became particularly vocal about his opposition to adding state-run election systems to DHS' list of 15 critical infrastructure systems.

In mid-December, Kemp wrote President-elect Donald Trump that his agency’s systems had experienced "nine additional, but 'less intrusive scans'" dating back to February 2016. Most of the alleged attempts, such as a Sept. 28 incident that occurred just before Kemp testified before Chaffetz' committee on election cybersecurity, occurred around a significant election-related date.

Johnson declared state election systems "critical infrastructure" in early January. Kemp called that declaration "blatant overreach" by the federal government and vowed to "continue to fight to keep election systems under the control of state government where it belongs."

In his letter to Roth, Chaffetz requested the IG open an investigation into DHS' activities with the Georgia system. In his letter to Johnson, Chaffetz requested all of the DHS secretary's correspondence with Kemp.

According to Chaffetz' letter to Roth, Johnson informed Kemp the attempt to gain access to the state's network had been "normal…interaction" by a DHS contractor with the Georgia Secretary of States' website." Johnson, according to Chaffetz, assured Kemp that "'there was no scanning,'" or security assessment of the network by DHS.

DHS, Chaffetz said, traced the attempt outlined in Kemp's first letter to the agency back to a contractor working at the Federal Law Enforcement Training Center in Glynco, Ga., who said it was verifying licenses for prospective armed guards for the facility, a service that the Secretary of State's website provides.

Chaffetz, however, said Johnson didn't provide adequate information to verify that claim and had said the response was an "initial finding" and "subject to change." Chaffetz also questioned the agency's ability to investigate itself efficiently or without bias.

The official explanation, Chaffetz wrote, is dubious and requires an independent investigation.